CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2008-3358
https://notcve.org/view.php?id=CVE-2008-3358
28 Jan 2009 — Cross-site scripting (XSS) vulnerability in Web Dynpro (WD) in the SAP NetWeaver portal, when Internet Explorer 7.0.5730 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted URI, which causes the XSS payload to be reflected in a text/plain document. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el Web Dynpro (WD) en el portal SAP NetWeaver, cuando se usa con Internet Explorer v7.0.5730, permite a atacantes remotos inyectar secuencias de co... • http://osvdb.org/51627 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2008-1846
https://notcve.org/view.php?id=CVE-2008-1846
16 Apr 2008 — The default configuration of SAP NetWeaver before 7.0 SP15 does not enable the "Always Use Secure HTML Editor" (aka Editor Security or Secure Editing) parameter, which allows remote attackers to conduct cross-site scripting (XSS) attacks by entering feedback for a file. La configuración por defecto de AP NetWeaver versiones anteriores a 7.0 SP15 no permite el parámetro "Always Use Secure HTML Editor" (también conocido como Editor Security or Secure Editing), lo cual permite a atacantes remotos llevar a cabo... • http://securityreason.com/securityalert/3812 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 12EXPL: 0CVE-2007-3496
https://notcve.org/view.php?id=CVE-2007-3496
29 Jun 2007 — Cross-site scripting (XSS) vulnerability in SAP Web Dynpro Java (BC-WD-JAV) in SAP NetWeaver Nw04 SP15 through SP19 and Nw04s SP7 through SP11, aka SAP Java Technology Services 640 before SP20 and SAP Web Dynpro Runtime Core Components 700 before SP12, allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en SAP Web Dynpro Java (BC-WD-JAV) en SAP NetWeaver Nw04 SP15 hasta SP19 y Nw04s SP7 hasta SP11, t... • http://osvdb.org/37748 •